Security Advisories

FSC-2011-1: LOG FILE ACCESS VULNERABILITY

Description

An attacker can gain unauthorized access to information stored in log files.

Affected Products

Risk Level: MEDIUM (Low/Medium/High/Critical)

F-Secure Internet Gatekeeper for Linux 3.x

Platforms

All platforms supported by the affected products.

Notes

The affected product version is not the latest in the product line. The recommended solution is to upgrade to version 4.x. A hotfix is provided for installations where upgrade is not possible.

Mitigating Factor

Limiting access to the admin UI port for the affected product by using network security functionality, such as firewalls, will also limit the range of computers that can attempt to utilize this vulnerability. Such limitation may already be in place in many environments.